-
-
Save strogonoff/1369619 to your computer and use it in GitHub Desktop.
| from django import http | |
| try: | |
| from django.conf import settings | |
| XS_SHARING_ALLOWED_ORIGINS = settings.XS_SHARING_ALLOWED_ORIGINS | |
| XS_SHARING_ALLOWED_METHODS = settings.XS_SHARING_ALLOWED_METHODS | |
| XS_SHARING_ALLOWED_HEADERS = settings.XS_SHARING_ALLOWED_HEADERS | |
| XS_SHARING_ALLOWED_CREDENTIALS = settings.XS_SHARING_ALLOWED_CREDENTIALS | |
| except AttributeError: | |
| XS_SHARING_ALLOWED_ORIGINS = '*' | |
| XS_SHARING_ALLOWED_METHODS = ['POST', 'GET', 'OPTIONS', 'PUT', 'DELETE'] | |
| XS_SHARING_ALLOWED_HEADERS = ['Content-Type', '*'] | |
| XS_SHARING_ALLOWED_CREDENTIALS = 'true' | |
| class XsSharing(object): | |
| """ | |
| This middleware allows cross-domain XHR using the html5 postMessage API. | |
| Access-Control-Allow-Origin: http://foo.example | |
| Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE | |
| Based off https://gist.github.com/426829 | |
| """ | |
| def process_request(self, request): | |
| if 'HTTP_ACCESS_CONTROL_REQUEST_METHOD' in request.META: | |
| response = http.HttpResponse() | |
| response['Access-Control-Allow-Origin'] = XS_SHARING_ALLOWED_ORIGINS | |
| response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS ) | |
| response['Access-Control-Allow-Headers'] = ",".join( XS_SHARING_ALLOWED_HEADERS ) | |
| response['Access-Control-Allow-Credentials'] = XS_SHARING_ALLOWED_CREDENTIALS | |
| return response | |
| return None | |
| def process_response(self, request, response): | |
| response['Access-Control-Allow-Origin'] = XS_SHARING_ALLOWED_ORIGINS | |
| response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS ) | |
| response['Access-Control-Allow-Headers'] = ",".join( XS_SHARING_ALLOWED_HEADERS ) | |
| response['Access-Control-Allow-Credentials'] = XS_SHARING_ALLOWED_CREDENTIALS | |
| return response |
- Make folder called middleware and create a file called crossdomainxhr.py (copy above code under that file)
- add init.py file under middleware so django can pickup it as module.
- Add .middleware.crossdomainxhr.XsSharing in MIDDLEWARE_CLASSES section
And add below config in settings -
XS_SHARING_ALLOWED_ORIGINS = "http://127.0.0.1:88"
XS_SHARING_ALLOWED_METHODS = ['POST','GET','OPTIONS', 'PUT', 'DELETE']
- Where does this middleware folder go?
- What should be in init.py?
And what is meant by "below config"?
Where does this middleware folder go?
Anywhere that it can be picked up on your Python search path.
What should be in init.py?
Nothing. The presence of an empty __init__.py file in a directory is sufficient to allow the directory to be treated as a Python module (and thus allow the middleware to be imported).
And what is meant by "below config"?
Hmm, not too clear on that one, but I suspect that if you put those variables somewhere below MIDDLEWARE_CLASSES in your settings.py, you'll be OK.
This worked for me when I was getting blank response using jquery and tastypie. Thank you so much!
I had to add the extra auth headers and then this worked great! Couldn't get the other GIST about CORSResource for Tastypie to work. This is how I configured it:
XS_SHARING_ALLOWED_HEADERS = ['authorization'] # IF START SEEING ERRORS HERE must DUPLICATE ' Access-Control-Request-Headers' from request see https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
There is any special reason you assign variables outside class instead of init of the class ?
Where to put this codes?